Re: IP DHCP snooping bindings

Wassim Aouadi · ‎05-11-2011

Hi,

I have DHCP snooping activated for vlan 11. I configured database agent on a remote TFTP server. DHCP bindings file is populated. However, a "show ip dhcp snooping binding" displays 0 entries.

is this normal behaviour, since bindings are written to the remote file?

CSCO11694772 · ‎05-15-2011

Hi

You have true configure on the device for example IP DHCP SNOOPING have 7 step

Step 1 Enable DHCP snooping globally

Step 2 Enable DHCP snooping on your VLANs.

Step 3 Enable DHCP Option 82 data insertion.

Step 4 Configure the interface as trusted or untrusted <-------- very important

Step 5 Configure the number of DHCP packets per second (pps)

that an interface can receive.

Step 6 Exit configuration mode.

Step 7 Verify the configuration

thx

MA

Wassim Aouadi · ‎06-21-2011

I already did all the steps you mentioned and still had the issue.

Florin Barhala · ‎05-16-2011

Can you post your config first?

CSCO11694772 · ‎05-18-2011

configure terminal

ip dhcp snooping

ip dhcp snooping vlan vlan-range

ip dhcp snooping trustip dhcp snooping trust (Configure the interface as trusted or untrusted. You can use

the no keyword to configure an interface to receive messages from an

untrusted client. The default setting is untrusted)

ip dhcp snooping limit rate rate

ip dhcp snooping verify mac-address

end

show running-config

copy running-config startup-config

************

Switch(config)# ip dhcp snooping

Switch(config)# ip dhcp snooping vlan 10

Switch(config)# ip dhcp snooping information option

Switch(config)# interface gigabitethernet0/1

Switch(config-if)#ip dhcp snooping trustip dhcp snooping trust

Switch(config-if)# ip dhcp snooping limit rate 100

*

show ip dhcp snooping

show ip dhcp snooping binding

show ip dhcp snooping statistics

***************

Thx

MA

Wassim Aouadi · ‎06-21-2011

here it is:

TNSWACCS01A1#sh ip dhcp snooping

Switch DHCP snooping is enabled

DHCP snooping is configured on following VLANs:

11

DHCP snooping is operational on following VLANs:

11

Smartlog is configured on following VLANs:

none

Smartlog is operational on following VLANs:

none

DHCP snooping is configured on the following L3 Interfaces:

Insertion of option 82 is disabled

circuit-id default format: vlan-mod-port

remote-id: 9caf.cac1.b280 (MAC)

Option 82 on untrusted port is not allowed

Verification of hwaddr field is enabled

Verification of giaddr field is enabled

DHCP snooping trust/rate is configured on the following Interfaces:

Interface Trusted Allow option Rate limit (pps)

----------------------- ------- ------------ ----------------

FastEthernet1/0/1 no no 50

Custom circuit-ids:

FastEthernet1/0/2 no no 50

Interface Trusted Allow option Rate limit (pps)

----------------------- ------- ------------ ----------------

Custom circuit-ids:

FastEthernet1/0/3 no no 50

Custom circuit-ids:

FastEthernet1/0/4 no no 50

Custom circuit-ids:

FastEthernet1/0/5 no no 50

Custom circuit-ids:

FastEthernet1/0/6 no no 50

Custom circuit-ids:

FastEthernet1/0/7 no no 50

Custom circuit-ids:

FastEthernet1/0/8 no no 50

Custom circuit-ids:

FastEthernet1/0/9 no no 50

add to that trunk interfaces that are trusted in DHCP snooping.